
 

 

In this discussion, we unravel a recent cyber attack campaign that targeted organizations by exploiting vulnerabilities in Fortinet devices. We also delve into the geopolitical complexities surrounding cyber warfare and intelligence operations, shedding light on the intricate dynamics between nations like Iran and Israel.

 

 

 

 

Here is the verbatim discussion:

Welcome back. So, another attack: um, they had a wave of, uh, exploiting organizations, and we were kind of interested to know why they came back. They were, they had their Fortinet capability, they were using that, but how did they get back? And this specific organization, for example, they actually patched the so-called Fortinet vulnerability. So we were trying to dig really deep and understand how they got in, and we, throughout our research, we found the wipers, we found indications of them using Zerologon, we found in the case of using the same ipsec helper they were using in other attacks, and we're also using the same Telegram leaks and the same media attention. So it was obviously the same group, but we were not quite sure how they got in. And then we dug in a bit and, surprise surprise, another Fortinet vulnerability, this time from July 2020.

Something crazy that needs to be, uh, discussed: I think that in certain operations, for example, countries should be aware that in some info campaign maybe should take some act and, you know, reduce media, or maybe the media itself should take some responsibility on their actions, which I probably think they want.

Fast forwarding a bit: remember when you spoke about intelligence, uh, operations and international intelligence reactor. Someone who used to work in the, uh, minister of defense home, he was, uh, doing cleaning operations etc., kind of taking care of the house, um, really really, you know, up by the Israeli. The guy had many previous convictions, and when he saw that the Black Shadow is looking for information about Israel etc., he communicated with them, if I'm not mistaken, over a Telegram, and he was trying to get money from them in exchange for leaking data from the minister home. Uh, he was actually got arrested; he was arrested by the Shin Bet and then later with the from the police, and there he was charged, and he was charged upon sending them proofs and communicating with them as well.

The Israeli government, and the reason I'm showing it is, it's really interesting: in the, uh, claim they did not literally say it's Iran. It's really interesting, the government is not yet officially claimed anywhere publicly; however, in, you know, in closed calls etc. everybody's saying it's Iran. But publicly, officially, even in this case they did not attribute to Iran; they attribute the public claims of companies and the media that this is so-called an Iranian group.

It's really interesting, and this is bring me to, once we looked at all of the timeline, and there are some things that I missed out, and on purpose, it's basically because I'm trying to build this story of what actually happens and not speak about every specific attack, but it really brings me to the final notes. And the final notes we need to learn from it is: number one, there is an active operation of Iranian threat actors against Israel. By the way, of course I'm biased, um, Israeli; there is an active operation of Israel in Iran as well, so I'm not trying to hide it, but I'm only speaking from one side here, and this presentation is completely biased, I'm not trying even to hide it.

My main claim here is one: in your case, in your country, you probably are suffering from similar attacks. For example, U.S. has been attacked by China and other and even Iran as well, and Iran is also being attacked by US and Israel, and there's many attacks all over the world: Russia is attacking US and many other countries, threat groups attacking France. The one thing you can take here from is that don't trust your government and don't believe your government will help you during an attack. In most cases government prefer to stay on the side; although the attacks are against private, uh, private companies from a threat actor that is allegedly a government based, do not trust them to help you.
 
 

 

Highlights :

Exploiting Patched Vulnerabilities: The attackers returned despite organizations patching the Fortinet vulnerability, using advanced tactics like wipers and exploiting additional vulnerabilities, including the Zerologon flaw. This highlights the attackers' persistence and adaptability.

Geopolitical Intricacies: We explore the geopolitical landscape of cyber warfare, discussing how countries conduct intelligence operations and engage in cyber attacks against each other. The case of an Israeli government official communicating with a cybercriminal group underscores the complexity of attributing cyber attacks to specific nations.

Government Assistance During Cyber Attacks: The discussion raises questions about the role of governments in assisting private companies during cyber attacks. Despite the prevalence of state-sponsored cyber attacks, governments may not always provide adequate support to affected organizations.

 

This discussion serves as a stark reminder of the evolving nature of cyber threats and the geopolitical complexities that underpin them. Organizations must remain vigilant, prioritize cybersecurity measures, and be prepared to navigate the intricate landscape of cyber warfare with or without government assistance.

 
 

Speaker:

 

Omri Segev Moyal is a renowned cybersecurity expert known for his expertise in ethical hacking and vulnerability research. With a background in computer science and extensive experience in the cybersecurity industry, Moyal has made significant contributions to enhancing digital security and raising awareness about cyber threats. His work spans across various domains, including penetration testing, malware analysis, and security research, making him a respected figure in the cybersecurity community.

 

https://www.linkedin.com/in/omrimoyal/

https://twitter.com/GelosSnake

 
 
 

 
